Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/e98bf7-c5c8-4561-97e8-e13160ac3e23/1/xAqOocjcM7gpD-vTTkU4vZWXROg.mft
File:                     xAqOocjcM7gpD-vTTkU4vZWXROg.mft (raw, json)
Hash identifier:          MvrlWrJm2Uwt2vjPC4srSlM/h+zj/YeoK+xhAHmqZvY=
Subject key identifier:   8E:D1:B2:4A:5A:0E:B0:AD:CA:61:B3:14:02:94:22:25:C3:FE:91:A6
Authority key identifier: C4:0A:8E:A1:C8:DC:33:B8:29:0F:EB:D3:4E:45:38:BD:95:97:44:E8
Certificate issuer:       /CN=c40a8ea1c8dc33b8290febd34e4538bd959744e8
Certificate serial:       019DA30ACEF984D77E7E6262ACB2E9343BC6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xAqOocjcM7gpD-vTTkU4vZWXROg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e6/e98bf7-c5c8-4561-97e8-e13160ac3e23/1/xAqOocjcM7gpD-vTTkU4vZWXROg.mft
Manifest number:          1856
Signing time:             Sun 19 Apr 2026 00:01:27 +0000
Manifest this update:     Sun 19 Apr 2026 00:01:27 +0000
Manifest next update:     Mon 20 Apr 2026 00:01:27 +0000
Files and hashes:         1: xAqOocjcM7gpD-vTTkU4vZWXROg.crl (hash: l9jyuqGlhdvm8Zk3uHKDTyfMEXLpZZ9ojQFcfE3h0KI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e6/e98bf7-c5c8-4561-97e8-e13160ac3e23/1/xAqOocjcM7gpD-vTTkU4vZWXROg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e6/e98bf7-c5c8-4561-97e8-e13160ac3e23/1/xAqOocjcM7gpD-vTTkU4vZWXROg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/xAqOocjcM7gpD-vTTkU4vZWXROg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Apr 2026 00:01:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:a3:0a:ce:f9:84:d7:7e:7e:62:62:ac:b2:e9:34:3b:c6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c40a8ea1c8dc33b8290febd34e4538bd959744e8
        Validity
            Not Before: Apr 19 00:01:27 2026 GMT
            Not After : Apr 20 00:01:27 2026 GMT
        Subject: CN=8ed1b24a5a0eb0adca61b31402942225c3fe91a6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:87:46:2f:a6:0e:77:3f:5c:89:9b:0b:c6:cb:
                    33:01:84:e7:32:b7:14:56:f4:21:5b:2f:c1:d1:5d:
                    b1:f1:56:4d:08:45:0d:cd:51:a7:43:0c:8e:33:94:
                    6d:6f:1e:03:a8:03:0a:c0:bf:c9:05:6d:36:72:fe:
                    b4:dc:2e:3c:6a:eb:6a:33:2c:9f:1f:bc:bf:3d:1d:
                    bd:80:76:bd:61:d8:93:29:6d:f7:c7:32:d3:6f:2e:
                    46:69:3c:a7:a4:32:05:a2:e8:47:da:f8:7a:79:ba:
                    5c:65:48:a6:1f:e8:dc:4e:87:e7:f4:67:cf:98:a2:
                    8c:86:7b:66:41:f4:b1:a4:c4:42:3f:c8:3d:e1:58:
                    ff:7f:93:81:e3:5a:65:7f:e6:c1:16:96:ab:db:f2:
                    0d:39:4e:87:2f:1d:70:68:78:ba:de:1d:9a:ad:a3:
                    59:b2:87:d4:2a:4d:87:20:5a:e5:5d:a4:34:0b:89:
                    28:9c:72:39:9f:0c:f1:d2:2e:13:3c:a3:74:fd:7a:
                    4d:7c:b3:53:39:f1:f8:bf:33:63:29:92:08:fa:a5:
                    3b:36:d0:80:71:cc:1f:02:cf:84:5b:ff:e1:0b:35:
                    17:7a:24:3e:7f:8c:b4:30:e4:0a:c1:2e:6e:7f:86:
                    c7:08:3a:57:09:01:8a:f0:6d:aa:a1:eb:eb:bd:b4:
                    7f:03
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8E:D1:B2:4A:5A:0E:B0:AD:CA:61:B3:14:02:94:22:25:C3:FE:91:A6
            X509v3 Authority Key Identifier:
                keyid:C4:0A:8E:A1:C8:DC:33:B8:29:0F:EB:D3:4E:45:38:BD:95:97:44:E8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xAqOocjcM7gpD-vTTkU4vZWXROg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/e98bf7-c5c8-4561-97e8-e13160ac3e23/1/xAqOocjcM7gpD-vTTkU4vZWXROg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/e98bf7-c5c8-4561-97e8-e13160ac3e23/1/xAqOocjcM7gpD-vTTkU4vZWXROg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         41:5a:03:6f:60:cd:87:20:32:f8:d0:da:46:25:47:fa:a5:d0:
         9d:26:93:71:01:bc:2e:da:cf:23:09:88:18:11:cf:c0:01:5d:
         16:f2:4c:79:63:b6:f0:b6:59:f0:bc:7b:25:49:c3:29:5f:ed:
         84:f2:43:a1:fa:7a:df:9a:5a:25:0c:c5:f9:93:57:d8:36:3a:
         8e:60:5f:71:ae:7c:26:53:97:cd:4b:6d:61:41:96:6f:8d:91:
         46:30:3c:e9:49:f2:89:67:9a:39:85:8e:3c:a3:4a:c8:a3:e6:
         38:bf:4b:a5:c0:2e:1a:9d:d8:b6:91:40:70:7b:e1:56:0d:3e:
         bb:7f:63:11:c3:b7:65:f0:bf:13:85:55:fa:65:88:11:c6:37:
         1e:cc:ee:e9:5d:be:a4:ef:04:e8:c5:3a:58:77:c8:fa:1e:74:
         fa:ae:b6:54:dd:be:0d:75:c6:ca:e9:73:9d:fc:03:11:f6:1c:
         e0:58:98:57:33:a8:f4:6c:6a:23:d8:67:15:cb:38:10:c7:48:
         43:80:b9:e1:19:2a:0e:f6:f2:10:64:42:c9:dc:57:34:e7:52:
         00:89:0c:2f:d7:4a:44:1e:46:88:ac:c7:eb:ca:39:50:38:11:
         54:6a:48:d9:fd:fb:a9:ea:f6:e3:b4:5b:e0:12:54:1f:53:c6:
         5a:34:be:95
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2jCs75hNd+fmJirLLpNDvGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0MGE4ZWExYzhkYzMzYjgyOTBmZWJkMzRlNDUzOGJkOTU5
NzQ0ZTgwHhcNMjYwNDE5MDAwMTI3WhcNMjYwNDIwMDAwMTI3WjAzMTEwLwYDVQQD
Eyg4ZWQxYjI0YTVhMGViMGFkY2E2MWIzMTQwMjk0MjIyNWMzZmU5MWE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqodGL6YOdz9ciZsLxsszAYTnMrcU
VvQhWy/B0V2x8VZNCEUNzVGnQwyOM5Rtbx4DqAMKwL/JBW02cv603C48autqMyyf
H7y/PR29gHa9YdiTKW33xzLTby5GaTynpDIFouhH2vh6ebpcZUimH+jcTofn9GfP
mKKMhntmQfSxpMRCP8g94Vj/f5OB41plf+bBFpar2/INOU6HLx1waHi63h2araNZ
sofUKk2HIFrlXaQ0C4konHI5nwzx0i4TPKN0/XpNfLNTOfH4vzNjKZII+qU7NtCA
ccwfAs+EW//hCzUXeiQ+f4y0MOQKwS5uf4bHCDpXCQGK8G2qoevrvbR/AwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFI7RskpaDrCtymGzFAKUIiXD/pGmMB8GA1UdIwQY
MBaAFMQKjqHI3DO4KQ/r005FOL2Vl0ToMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveEFxT29jamNNN2dwRC12VFRrVTR2WldYUk9nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi9lOThiZjctYzVjOC00NTYxLTk3ZTgt
ZTEzMTYwYWMzZTIzLzEveEFxT29jamNNN2dwRC12VFRrVTR2WldYUk9nLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi9lOThiZjctYzVjOC00NTYxLTk3ZTgtZTEzMTYwYWMzZTIz
LzEveEFxT29jamNNN2dwRC12VFRrVTR2WldYUk9nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQVoDb2DN
hyAy+NDaRiVH+qXQnSaTcQG8LtrPIwmIGBHPwAFdFvJMeWO28LZZ8Lx7JUnDKV/t
hPJDofp635paJQzF+ZNX2DY6jmBfca58JlOXzUttYUGWb42RRjA86UnyiWeaOYWO
PKNKyKPmOL9LpcAuGp3YtpFAcHvhVg0+u39jEcO3ZfC/E4VV+mWIEcY3Hszu6V2+
pO8E6MU6WHfI+h50+q62VN2+DXXGyulznfwDEfYc4FiYVzOo9GxqI9hnFcs4EMdI
Q4C54RkqDvbyEGRCydxXNOdSAIkML9dKRB5GiKzH68o5UDgRVGpI2f37qer247Rb
4BJUH1PGWjS+lQ==
-----END CERTIFICATE-----